Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| abf9e6471b |
@@ -10,7 +10,7 @@ jobs:
|
||||
runs-on: almalinux-8
|
||||
container:
|
||||
image: git.unkin.net/unkin/almalinux8-actionsdind:latest
|
||||
options: "--privileged --volume /etc/pki/tls/vault:/etc/pki/tls/vault:ro"
|
||||
options: --privileged
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
@@ -36,7 +36,7 @@ jobs:
|
||||
runs-on: almalinux-8
|
||||
container:
|
||||
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
|
||||
options: "--privileged --volume /etc/pki/tls/vault:/etc/pki/tls/vault:ro"
|
||||
options: --privileged
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
|
||||
+2
-7
@@ -47,11 +47,8 @@ def get_vault_client() -> hvac.Client:
|
||||
logger.error("VAULT_ROLE_ID environment variable is required")
|
||||
raise ValueError("VAULT_ROLE_ID environment variable is required")
|
||||
|
||||
# Initialize Vault client with CA certificate
|
||||
client = hvac.Client(
|
||||
url=vault_addr,
|
||||
verify='/etc/pki/tls/cert.pem'
|
||||
)
|
||||
# Initialize Vault client
|
||||
client = hvac.Client(url=vault_addr)
|
||||
|
||||
# Authenticate using AppRole
|
||||
try:
|
||||
@@ -87,7 +84,6 @@ def get_api_tokens() -> Tuple[str, str]:
|
||||
# Read GitHub token
|
||||
try:
|
||||
github_secret = client.secrets.kv.v2.read_secret_version(
|
||||
mount_point='kv',
|
||||
path='service/github/neoloc/tokens/read-only-token'
|
||||
)
|
||||
github_token = github_secret['data']['data']['token']
|
||||
@@ -99,7 +95,6 @@ def get_api_tokens() -> Tuple[str, str]:
|
||||
# Read Gitea token
|
||||
try:
|
||||
gitea_secret = client.secrets.kv.v2.read_secret_version(
|
||||
mount_point='kv',
|
||||
path='service/gitea/unkinben/tokens/read-only-packages'
|
||||
)
|
||||
gitea_token = gitea_secret['data']['data']['token']
|
||||
|
||||
+2
-7
@@ -47,11 +47,8 @@ def get_vault_client() -> hvac.Client:
|
||||
logger.error("VAULT_ROLE_ID environment variable is required")
|
||||
raise ValueError("VAULT_ROLE_ID environment variable is required")
|
||||
|
||||
# Initialize Vault client with CA certificate
|
||||
client = hvac.Client(
|
||||
url=vault_addr,
|
||||
verify='/etc/pki/tls/cert.pem'
|
||||
)
|
||||
# Initialize Vault client
|
||||
client = hvac.Client(url=vault_addr)
|
||||
|
||||
# Authenticate using AppRole
|
||||
try:
|
||||
@@ -87,7 +84,6 @@ def get_api_tokens() -> Tuple[str, str]:
|
||||
# Read GitHub token
|
||||
try:
|
||||
github_secret = client.secrets.kv.v2.read_secret_version(
|
||||
mount_point='kv',
|
||||
path='service/github/neoloc/tokens/read-only-token'
|
||||
)
|
||||
github_token = github_secret['data']['data']['token']
|
||||
@@ -99,7 +95,6 @@ def get_api_tokens() -> Tuple[str, str]:
|
||||
# Read Gitea token
|
||||
try:
|
||||
gitea_secret = client.secrets.kv.v2.read_secret_version(
|
||||
mount_point='kv',
|
||||
path='service/gitea/unkinben/tokens/read-only-packages'
|
||||
)
|
||||
gitea_token = gitea_secret['data']['data']['token']
|
||||
|
||||
Reference in New Issue
Block a user